Page de demarrage ask inchangeable

Bonjour, je n ai pu vous répondre plus tot.
merci beaucoup.

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 13:37:23 le 15/08/2011, Mode normal

Microsoft Windows XP Édition familiale Service Pack 2 (X86)
yamin@YOUR-AB6CD29F8E ( )

============== RECHERCHE ==============


Fichier trouvé: C:\Program Files\Mozilla FireFox\searchplugins\SearchquWebSearch.xml
Dossier trouvé: C:\Documents and Settings\yamin\Application Data\Mozilla\FireFox\Profiles\bm5ovh9n.default\extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Fichier trouvé: C:\Documents and Settings\yamin\Application Data\Mozilla\FireFox\Profiles\bm5ovh9n.default\searchplugins\SearchquWebSearch.xml
Dossier trouvé: C:\Documents and Settings\yamin\Application Data\Bandoo
Dossier trouvé: C:\Program Files\Bandoo

-- Fichier ouvert: C:\Documents and Settings\yamin\Application Data\Mozilla\FireFox\Profiles\bm5ovh9n.default\Prefs.js --
Ligne trouvée: user_pref("browser.search.defaultengine", "Ask.com");
Ligne trouvée: user_pref("browser.search.defaultenginename", "Ask.com");
Ligne trouvée: user_pref("browser.search.order.1", "Ask.com");
Ligne trouvée: user_pref("browser.startup.homepage", "hxxp://www.searchqu.com/406");
Ligne trouvée: user_pref("extensions.enabledItems", "{B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1,jqs@sun.com:1.0,{...
Ligne trouvée: user_pref("keyword.URL", "hxxp://www.searchqu.com/web?src=ffb&systemid=406&q=");
-- Fichier Fermé --


Clé trouvée: HKLM\Software\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Clé trouvée: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Clé trouvée: HKLM\Software\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé trouvée: HKLM\Software\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
Clé trouvée: HKLM\Software\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Clé trouvée: HKLM\Software\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Clé trouvée: HKLM\Software\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Clé trouvée: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Clé trouvée: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Clé trouvée: HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Clé trouvée: HKLM\Software\Classes\BandooCore.BandooCore
Clé trouvée: HKLM\Software\Classes\BandooCore.BandooCore.1
Clé trouvée: HKLM\Software\Classes\BandooCore.ResourcesMngr
Clé trouvée: HKLM\Software\Classes\BandooCore.ResourcesMngr.1
Clé trouvée: HKLM\Software\Classes\BandooCore.SettingsMngr
Clé trouvée: HKLM\Software\Classes\BandooCore.SettingsMngr.1
Clé trouvée: HKLM\Software\Classes\BandooCore.StatisticMngr
Clé trouvée: HKLM\Software\Classes\BandooCore.StatisticMngr.1
Clé trouvée: HKLM\Software\Classes\AppID\BandooCore.EXE
Clé trouvée: HKLM\Software\bandoo
Clé trouvée: HKLM\Software\DataMngr
Clé trouvée: HKLM\Software\SearchquMediabarTb
Clé trouvée: HKCU\Software\DataMngr
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Bandoo
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|DataMngr
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== SCAN ADDITIONNEL ==============

**** Mozilla Firefox Version [5.0 (fr)] ****

HKLM_MozillaPlugins\@mcafee.com/MSC,version=10 (x)
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Searchplugins\McSiteAdvisor.xml ( hxxp://fr.search.yahoo.com/search)
Searchplugins\SearchquWebSearch.xml ( hxxp://www.searchqu.com/web?src=ffb&systemid=406&q={searchTerms}/)
Components\browsercomps.dll (Mozilla Foundation)
Components\Scriptff.dll (McAfee, Inc.)
HKLM_Extensions|{B7082FAA-CB62-4872-9106-E42DD88EDE45} - C:\Program Files\McAfee\SiteAdvisor

-- C:\Documents and Settings\yamin\Application Data\Mozilla\FireFox\Profiles\bm5ovh9n.default --
Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} (Searchqu Toolbar)
Searchplugins\SearchquWebSearch.xml ( hxxp://www.searchqu.com/web?src=ffb&systemid=406&q={searchTerms}/)
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\yamin\\Mes documents\\Mes images
Prefs.js - browser.search.defaultenginename, Ask.com
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage, hxxp://www.searchqu.com/406
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0
Prefs.js - keyword.URL, hxxp://www.searchqu.com/web?src=ffb&systemid=406&q=

========================================

**** Internet Explorer Version [7.0.5730.11] ****

HKCU_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Start Page - hxxp://www.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Local Page - hxxp://www.msn.com/
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKCU_URLSearchHooks|{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - "McAfee SiteAdvisor Toolbar" (c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll)
HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "Ask Search" (hxxp://websearch.ask.com/redirect?client=ie&tb=LMW4&o=16795&src=crm&q={searchTer...)
HKCU_SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406} - "Web Search" (hxxp://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms})
HKCU_SearchScopes\{F6CDBC94-12A1-4F1C-B34D-9F7E79FB0DC5} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})
HKLM_SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406} - "Web Search" (hxxp://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms})
HKCU_Toolbar|{1E796980-9CC5-11D1-A83F-00C04FC99D61} (x)
HKCU_Toolbar\ShellBrowser|{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} (x)
HKCU_Toolbar\WebBrowser|{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} (x)
HKCU_Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} (x)
HKLM_Toolbar|{5093EB4C-3E93-40AB-9266-B607BA87BDC8} (C:\Program Files\StumbleUpon\StumbleUponIEBar.dll)
HKLM_Toolbar|{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} (c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll)
HKLM_Toolbar|{99079a25-328f-4bd4-be04-00955acaa0a7} (C:\PROGRA~1\WI371A~1\ToolBar\searchqudtx.dll)
HKLM_ElevationPolicy\{1FCCD250-A453-4348-86C1-E5EA9B76FADB} - C:\Program Files\McAfee\VirusScan\mcvsmap.exe (McAfee, Inc.)
HKLM_ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC} - C:\Program Files\Bandoo\BndCore.exe (x)
HKLM_ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12} - C:\Program Files\Bandoo\ExtensionsManager.exe (x)
HKLM_ElevationPolicy\{8DF8EB5E-A22B-418F-99B6-41342D478A2E} - C:\PROGRA~1\WI371A~1\ToolBar\dtUser.exe (Visicom Media Inc.)
HKLM_ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\ToolBar\uninstall.exe (?)
HKLM_ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} - C:\Program Files\Bandoo\Bandoo.exe (x)
HKLM_ElevationPolicy\{A8F94DF3-F6C6-422a-8BFC-7EE0F60A8609} - C:\Program Files\McAfee\VirusScan\mcvsshld.exe (McAfee, Inc.)
HKLM_ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080} - C:\Program Files\Bandoo\BandooUI.exe (x)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?)
BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "Adobe PDF Reader Link Helper" (C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll) (x)
BHO\{145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - "StumbleUpon Launcher" (C:\Program Files\StumbleUpon\StumbleUponIEBar.dll)
BHO\{5CA3D70E-1895-11CF-8E15-001234567890} - "DriveLetterAccess" (C:\WINDOWS\system32\dla\tfswshx.dll)
BHO\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} - "scriptproxy" (C:\Program Files\Fichiers communs\McAfee\SystemCore\ScriptSn.20110729155715.dll)
BHO\{99079a25-328f-4bd4-be04-00955acaa0a7} - "Searchqu Toolbar" (C:\PROGRA~1\WI371A~1\ToolBar\searchqudtx.dll)
BHO\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - "UrlHelper Class" (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll)
BHO\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} - "McAfee SiteAdvisor BHO" (c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 0 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 15/08/2011 13:37:36 (9046 Octet(s))

Fin à: 13:38:49, 15/08/2011

============== E.O.F ==============

pardonne ma précipitation, j avais si hâte d'en finir ...
Ci dessous le rapport adwcleaner ; qu en penses tu ?


# AdwCleaner v1.0 - Rapport créé le 16/08/2011 à 13:48:15
# Mis à jour le 15/08/11 à 15h30 par Xplode
# Système d'exploitation : Microsoft Windows XPService Pack 2 (32 bits)
# Nom d'utilisateur : yamin - YOUR-AB6CD29F8E (Administrateur)
# Exécuté depuis : C:\Documents and Settings\yamin\Bureau\AdwCleaner.exe
# Option [Recherche]


***** [Processus] *****


***** [Services] *****


***** [Fichiers / Dossiers] *****


***** [Registre] *****


***** [Navigateurs] *****

-\\ Internet Explorer v7.0.5730.11

[OK] Le registre ne contient aucune entrée illégitime.

-\\ Mozilla Firefox v5.0 (fr)

Profil : bm5ovh9n.default
Fichier : C:\Documents and Settings\yamin\Application Data\Mozilla\Firefox\Profiles\bm5ovh9n.default\prefs.js

[OK] Le fichier ne contient aucune entrée illégitime.


*************************

AdwCleaner[S1].txt - [1008 octets] - [16/08/2011 13:37:23]
AdwCleaner[R1].txt - [911 octets] - [16/08/2011 13:48:15]

########## EOF - C:\AdwCleaner[R1].txt - [1038 octets] ##########

voici le rapport de usbFix ...

############################## | UsbFix 7.056 | [Recherche]

Utilisateur: yamin (Administrateur) # YOUR-AB6CD29F8E [ ]
Mis à jour le 15/08/2011 par El Desaparecido
Lancé à 18:16:00 | 16/08/2011
Site Web: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: Intel(R) Pentium(R) M processor 1.73GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 2
Internet Explorer 7.0.5730.11

Pare-feu Windows: Désactivé /!\
Antivirus: Protection antivirus et antispyware McAfee [Enabled | Updated]
Firewall: Pare-feu McAfee [Enabled]
RAM -> 1022 Mo
C:\ (%systemdrive%) -> Disque fixe # 74 Go (23 Go libre(s) - 31%) [] # NTFS
D:\ -> CD-ROM
F:\ -> Disque fixe # 149 Go (68 Go libre(s) - 45%) [SAMSUNG] # FAT32

################## | Éléments infectieux |

Présent! C:\WINDOWS\system32\autorun.inf
Présent! C:\DOCUME~1\yamin\LOCALS~1\Temp\setup.exe
Présent! C:\DOCUME~1\yamin\LOCALS~1\Temp\SetupDataMngr_Searchqu.exe
Présent! C:\RECYCLER\S-1-5-21-882499057-3658036667-3362748757-1006
Présent! C:\RECYCLER\S-1-5-21-882499057-3658036667-3362748757-1008
Présent! F:\autorun.inf NEUTRALISE (par Anti-autorun.inf).txt

################## | Registre |


################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{5e125359-4411-11dd-805b-00166f7a9979}
Shell\AutoRun\Command = E:\LaunchU3.exe -a

HKCU\.\.\.\.\Explorer\MountPoints2\{8168fff0-e553-11db-be73-00166f7a9979}
Shell\AutoRun\Command = E:\1.cmd
Shell\open\Command = E:\1.cmd


################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F |

Je lis et relis chaque fois la dernière phrase "¤¤¤ Le meilleur remède pour tous les problèmes, c'est la patience.... ¤¤¤" ...
voila le rapportt ZHP diag .
Sinon; globalement, de l'ensemble, j ai saisi 2 ou 3 trucs ... merci à toi et asktoolbar !

Rapport de ZHPDiag v1.28.134 par Nicolas Coolman, Update du 16/08/2011
Run by yamin at 17/08/2011 00:44:23
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html


---\\ Web Browser
MSIE: Internet Explorer v7.0.5730.11
MFIE: Mozilla Firefox 5.0 v5.0 (Defaut)

---\\ Windows Product Information
Windows XP Home Edition Service Pack 2 (Build 2600)
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 6 Model 13 Stepping 8, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1022 MB (58% free)
System Restore: Activé (Enable)
System drive C: has 28 GB (37%) free of 74 GB

---\\ Logged in mode
~ Computer Name: YOUR-AB6CD29F8E
~ User Name: yamin
~ All Users Names: yamin, SUPPORT_388945a0, mina, lilly, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\yamin\Application Data\
~ %Desktop% : C:\Documents and Settings\yamin\Bureau\
~ %Favorites% : C:\Documents and Settings\yamin\Favoris\
~ %LocalAppData% : C:\Documents and Settings\yamin\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\yamin\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 28 Go of 74 Go)
D:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D0288319660EDCFED07C7E74C4EA38A5] - (.Microsoft Corporation - Explorateur Windows.) (.16/08/2011 - 14:22:28.) -- C:\WINDOWS\Explorer.exe [1037312]
[MD5.F5402CD47B7389DDC21F92119A906EEE] - (....) (.16/08/2011 - 11:00:00.) -- C:\WINDOWS\system32\rundll32.exe [33792]
[MD5.472DA633364B4B89BE8DD087C03EF7FA] - (.Microsoft Corporation - Internet Extensions for Win32.) (.17/08/2011 - 18:17:47.) -- C:\WINDOWS\system32\wininet.dll [832512]
[MD5.D2DE785AEAB0BB8CA4C14A8A199DBE4E] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.17/08/2011 - 11:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [506368]
[MD5.CDFE4411A69C224BD1D11B2DA92DAC51] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.17/08/2011 - 21:59:44.) -- C:\WINDOWS\system32\drivers\atapi.sys [95360]
[MD5.19A811EF5F1ED5C926A028CE107FF1AF] - (.Microsoft Corporation - NT File System Driver.) (.17/08/2011 - 12:10:35.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574464]
~ Scan Generic Processes in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 8/1918
~ Mes musiques (My Musics) : 2/28
~ Mes Videos (My Videos) : 10/10 (Modified)
~ Mes Favoris (My Favorites) : 1/37
~ Mes Documents (My Documents) : 98/8926
~ Mon Bureau (My Desktop) : 0/18
~ Menu demarrer (Programs) : 5/34
~ Scan Hidden Files in 00mn 11s



---\\ Processus lancés
[MD5.6991A9EA5E74E6035B8DAB17A7572CF3] - (.McAfee, Inc. - McAfee Process Validation Service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe [148520] [PID.]
[MD5.29C45F29E6B60BBF554DD89E499D384E] - (.McAfee, Inc. - McAfee On-Access Scanner service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe [165000] [PID.]
[MD5.A2E16406728BE43076473A99C2F13678] - (.McAfee, Inc. - McAfee Core Firewall Service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe [159832] [PID.]
[MD5.352FBF618066D0CEB7DC8ECABEB1A8D7] - (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\system32\dla\tfswctrl.exe [122941] [PID.3052]
[MD5.A8AA9D47F971570A5162B862B80F87E8] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [132424] [PID.]
[MD5.7E6932EEDA54C8EAF7DC6C2225261B85] - (.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe [214904] [PID.]
[MD5.D0A18CD6E494CE7C9D363093E96E004B] - (.McAfee, Inc. - McAfee Security Center.) -- c:\PROGRA~1\mcafee.com\agent\mcagent.exe [1306728] [PID.764]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472] [PID.388]
[MD5.0455B5115F102E1AAE62F2C8485BCA2A] - (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [88176] [PID.]
[MD5.F5402CD47B7389DDC21F92119A906EEE] - (...) -- C:\WINDOWS\system32\rundll32.exe [33792] [PID.2832]
[MD5.7A56CF3E3F12E8AF599963B16F50FB6A] - (.Microsoft Corporation - Office Source Engine.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [89136] [PID.]
[MD5.DAE5AE7E0A6A9AD531A1AD9F957CEAF2] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [664064] [PID.372]
[MD5.2FE681D10C5FC343DBBC0610B8DD4D24] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.]
~ Scan Processes Running in 00mn 02s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\yamin\Local Settings\Application Data\Mozilla\Firefox\Profiles\bm5ovh9n.default\prefs.js (.not file.)
C:\Documents and Settings\yamin\Local Settings\Application Data\Mozilla\Firefox\Profiles\bm5ovh9n.default\user.js (.not file.)
M3 - MFPP: Plugins - [yamin] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [yamin] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [yamin] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [yamin] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [yamin] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [yamin] -- C:\Program Files\Mozilla FireFox\searchplugins\McSiteAdvisor.xml
M3 - MFPP: Plugins - [yamin] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [yamin] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- c:\progra~1\mcafee\msc\npmcsn~1.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKUS\S-1-5-21-882499057-3658036667-3362748757-1006\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKUS\S-1-5-21-882499057-3658036667-3362748757-1006\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.17055 (vista_gdr.100414-0533)) -- C:\WINDOWS\system32\ieframe.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) (3,3,1,137) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe,
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Scan Hosts File in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline
O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} . (.stumbleupon.com - StumbleUpon Toolbar.) -- C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} . (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\ScriptSn.20110729155715.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java(TM) Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} . (.stumbleupon.com - StumbleUpon Toolbar.) -- C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} . (...) -- (.not file.)
O3 - Toolbar: (no name) - {1E796980-9CC5-11D1-A83F-00C04FC99D61} . (...) -- (.not file.)
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Zooming] . (.TOSHIBA - TOSHIBA Zooming Utility Hotkey Hook.) -- C:\WINDOWS\system32\ZoomingHook.exe
O4 - HKLM\..\Run: [Tvs] . (.TOSHIBA Corporation - TOSHIBA Virtual Sound Taskbar Module.) -- C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSMain] . (.TOSHIBA Corporation - Pas de description.) -- C:\WINDOWS\system32\TPSMain.exe
O4 - HKLM\..\Run: [TPNF] . (.COMPAL ELECTRONIC INC. - TPTray Application.) -- C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TCtryIOHook] . (.TOSHIBA - TOSHIBA Control Utility Hotkey Hook.) -- C:\WINDOWS\system32\TCtrlIOHook.exe
O4 - HKLM\..\Run: [SVPWUTIL] . (.TOSHIBA - SVPWUTIL Application.) -- C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe
O4 - HKLM\..\Run: [SmoothView] . (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [REGSHAVE] . (.FUJI PHOTO FILM CO., LTD. - Shaving Registry.) -- C:\Program Files\REGSHAVE\REGSHAVE.exe
O4 - HKLM\..\Run: [PadTouch] . (.TOSHIBA - PadTouch Main.) -- C:\Program Files\TOSHIBA\Touch and Launch\Padexe.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [LtMoh] . (.Agere Systems - LtMoh MFC Application.) -- C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [HWSetup] . (.TOSHIBA CO.,LTD. - HWSetup.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe
O4 - HKLM\..\Run: [dla] . (.Sonic Solutions - Drive Letter Access Component.) -- C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe
O4 - HKLM\..\Run: [CeEKEY] . (.COMPAL ELECTRONIC INC. - TOSHIBA HotKey Utility.) -- C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [ATIPTA] . (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] . (.Agere Systems - SoftModem Messaging Applet.) -- C:\WINDOWS\AGRSMMSG.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper Module.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [OM2_Monitor] . (.OLYMPUS IMAGING CORP. - resident module - First Starter.) -- C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe
O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [NeroCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [VoipBuster] C:\program files\voipbuster.com\voipbuster\voipbuster.exe (.not file.)
O4 - HKCU\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MsnMsgr] C:\Program Files\MSN Messenger\MsnMsgr.exe (.not file.)
O4 - HKCU\..\Run: [FreeCall] C:\program files\freecall.com\freecall\freecall.exe (.not file.)
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OM2_Monitor] . (.OLYMPUS IMAGING CORP. - resident module.) -- C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-882499057-3658036667-3362748757-1006\..\Run: [VoipBuster] C:\program files\voipbuster.com\voipbuster\voipbuster.exe (.not file.)
O4 - HKUS\S-1-5-21-882499057-3658036667-3362748757-1006\..\Run: [TOSCDSPD] . (.TOSHIBA - CD/DVD Drive Acoustic Silencer.) -- C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKUS\S-1-5-21-882499057-3658036667-3362748757-1006\..\Run: [MsnMsgr] C:\Program Files\MSN Messenger\MsnMsgr.exe (.not file.)
O4 - HKUS\S-1-5-21-882499057-3658036667-3362748757-1006\..\Run: [FreeCall] C:\program files\freecall.com\freecall\freecall.exe (.not file.)
O4 - HKUS\S-1-5-21-882499057-3658036667-3362748757-1006\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-882499057-3658036667-3362748757-1006\..\Run: [OM2_Monitor] . (.OLYMPUS IMAGING CORP. - resident module.) -- C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
~ Scan Application in 00mn 03s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader 7.0.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A71000000002}\SC_Reader_PM.ico
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Lanceur de tâches Microsoft Works.lnk . (.Microsoft® Corporation.) -- C:\Program Files\Microsoft Works\MSWorks.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Access.lnk . (...) -- C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\accicons.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Excel.lnk . (...) -- C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\xlicons.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft FrontPage.lnk . (...) -- C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\misc.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Office PowerPoint Viewer 2003.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Outlook.lnk . (...) -- C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\outicon.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft PowerPoint.lnk . (...) -- C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\pptico.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Publisher.lnk . (...) -- C:\WINDOWS\Installer\{0004040C-78E1-11D2-B60F-006097C998E7}\pubs.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Word.lnk . (...) -- C:\WINDOWS\Installer\{0000040C-78E1-11D2-B60F-006097C998E7}\wordicon.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\NeroMediaPlayer.lnk . (.Ahead software.) -- C:\Program Files\Ahead\NeroMediaPlayer\NeroMediaPlayer.exe
O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - Global Startup: C:\Documents And Settings\yamin\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - Global Startup: C:\Documents And Settings\yamin\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Documents And Settings\yamin\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - Global Startup: C:\Documents And Settings\yamin\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Scan Global Startup in 00mn 02s



---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - (.not file.) - StumbleUponIEBar.dll
~ Scan IE Menu Contextuel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.stumbleupon.com
O15 - Trusted Zone: [HKCU\...\Domains\www] *.stumbleupon.com
~ Scan IE Zone Confiance in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Scan Objets ActiveX in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B1168307-5854-4A62-8131-0AAB2DA00CA9}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{B1168307-5854-4A62-8131-0AAB2DA00CA9}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS3\Services\Tcpip\..\{7E5C1DA0-ED72-41A0-BD91-86C394D793DF}: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} . (.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} . (.McAfee, Inc. - McAfee MSC IE plugin DLL.) -- c:\progra~1\mcafee\msc\mcsniepl.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Scan Winlogon in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - c:\progra~1\wi371a~1\datamngr\datamngr.dll (.not file.)
~ Scan AppInit DLL in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll
~ Scan SSODL in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll
~ Scan STS/SSO in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) . (.TOSHIBA CORPORATION - Service of ConfigFree..) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) . (.McAfee, Inc. - SiteAdvisor.) - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe
O23 - Service: Yahoo! Updater (YahooAUService) . (.Yahoo! Inc. - AutoUpater Service Module.) - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
~ Scan Services in 00mn 00s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cac9312d4cb424.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Symantec NetDetect.job
~ Scan Scheduled Task in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys
O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys
O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys
O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys
O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys
O41 - Driver: McAfee Inc. mfetdi2k (mfetdi2k) . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - C:\WINDOWS\system32\drivers\mfetdi2k.sys
O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys
O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys
O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys
O41 - Driver: (SrvcSSIOMngr) . (.COMPAL ELECTRONIC INC. - IoManager Application.) - C:\WINDOWS\system32\Drivers\SSIoMngr.sys
O41 - Driver: (sscdbhk5) . (.Sonic Solutions - Shared Driver Component.) - C:\WINDOWS\system32\drivers\sscdbhk5.sys
O41 - Driver: (ssrtln) . (.Sonic Solutions - Shared Driver Component.) - C:\WINDOWS\system32\drivers\ssrtln.sys
O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys
O41 - Driver: (TPwSav) . (.TOSHIBA - IO Driver For TOSHIBA Power Saver.) - C:\WINDOWS\system32\Drivers\TPwSav.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
~ Scan Drivers in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: ALPS Touch Pad Driver - (.Pas de propriétaire.) [HKLM] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver
O42 - Logiciel: Adibou V.3.10 (C:) - (.Pas de propriétaire.) [HKLM] -- Adibou V.3.10 (C:)
O42 - Logiciel: Adibou,Je lis, je calcule 5-6 - (.Mindscape.) [HKLM] -- {5566EB65-F154-46C3-A4F9-CE4B7BF2069A}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Assist TOSHIBA - (.Pas de propriétaire.) [HKLM] -- {12B3A009-A080-4619-9A2A-C6DB151D8D67}
O42 - Logiciel: Commandes TOSHIBA - (.Pas de propriétaire.) [HKLM] -- {A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}
O42 - Logiciel: Creative WebCam NX Driver (1.02.01.0827) - (.Pas de propriétaire.) [HKLM] -- Creative PD1110
O42 - Logiciel: FUJIFILM USB Driver - (.Pas de propriétaire.) [HKLM] -- {5490882C-6961-11D5-BAE5-00E0188E010B}
O42 - Logiciel: FinePixViewer Ver.4.3 - (.Pas de propriétaire.) [HKLM] -- {24ED4D80-8294-11D5-96CD-0040266301AD}
O42 - Logiciel: Formatage de carte mémoire SD TOSHIBA - (.Pas de propriétaire.) [HKLM] -- {48CF9A66-5F03-4025-ABD0-B3A3FA095A59}
O42 - Logiciel: Gestion d'énergie TOSHIBA - (.Pas de propriétaire.) [HKLM] -- Power Saver
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows XP (KB915865) - (.Microsoft Corporation.) [HKLM] -- KB915865
O42 - Logiciel: Hotfix for Windows XP (KB926239) - (.Microsoft Corporation.) [HKLM] -- KB926239
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: InterActual Player - (.Pas de propriétaire.) [HKLM] -- InterActual Player
O42 - Logiciel: InterVideo WinDVD Creator 2 - (.Pas de propriétaire.) [HKLM] -- {2FCE4FC5-6930-40E7-A4F1-F862207424EF}
O42 - Logiciel: InterVideo WinDVD for TOSHIBA - (.Pas de propriétaire.) [HKLM] -- {91810AFC-A4F8-4EBA-A5AA-B198BBC81144}
O42 - Logiciel: LG PC Suite - (.LGE.) [HKLM] -- {993960EE-CA4D-443F-8F88-E24260DD5FD2}
O42 - Logiciel: LG USB Modem Driver-MDMS - (.LG Electronics.) [HKLM] -- {4B141C08-51E5-4224-81BD-5FC967195734}
O42 - Logiciel: Lapin Malin Maternelle 1 2007 - (.Pas de propriétaire.) [HKLM] -- {A08D0E9F-6E0F-43C7-9172-F12078D545FA}
O42 - Logiciel: Lapin Malin, Le globe magique - (.Pas de propriétaire.) [HKLM] -- {7D764362-8733-4D49-9FA2-0A03CF36AEFE}
O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player
O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Mamigou - (.Pas de propriétaire.) [HKLM] -- Mamigou
O42 - Logiciel: Manuels TOSHIBA - (.TOSHIBA.) [HKLM] -- {3EB6332B-AF02-457C-A31C-835458C5B48B}
O42 - Logiciel: McAfee AntiVirus Plus - (.McAfee, Inc..) [HKLM] -- MSC
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 - (.Microsoft Corporation.) [HKLM] -- Wdf01005
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009
O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wudf01009
O42 - Logiciel: Microsoft WinUsb 1.0 - (.Microsoft Corporation.) [HKLM] -- winusb0100
O42 - Logiciel: Mozilla Firefox 5.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0 (x86 fr)
O42 - Logiciel: NeroMediaPlayer - (.Pas de propriétaire.) [HKLM] -- NMPUninstallKey
O42 - Logiciel: Nokia Connectivity Cable Driver - (.Pas de propriétaire.) [HKLM] -- {BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}
O42 - Logiciel: Outil de diagnostic PC TOSHIBA - (.Pas de propriétaire.) [HKLM] -- Outil de diagnostic PC
O42 - Logiciel: PCFriendly - (.Pas de propriétaire.) [HKLM] -- PCFriendly
O42 - Logiciel: Panneau de contrôle ATI - (.Pas de propriétaire.) [HKLM] -- {0BEDBD4E-2D34-47B5-9973-57E62B29307C}
O42 - Logiciel: Realtek AC'97 Audio - (.Realtek Semiconductor Corp..) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: Réducteur de bruit lect. CD/DVD - (.TOSHIBA.) [HKLM] -- {9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}
O42 - Logiciel: Samsung Auto Backup - (.Clarus.) [HKLM] -- {821D6F49-1B20-4809-8C73-286CFC52B1B1}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Son virtuel TOSHIBA - (.Pas de propriétaire.) [HKLM] -- {8B12BA86-ADAC-4BA6-B441-FFC591087252}
O42 - Logiciel: StumbleUpon IE Toolbar - (.StumbleUpon.) [HKLM] -- StumbleUponIEToolbar
O42 - Logiciel: TOSHIBA Accessibility - (.TOSHIBA.) [HKLM] -- InstallShield_{3A57482F-BEBC-47E4-ADA1-6302403C7E50}
O42 - Logiciel: TOSHIBA ConfigFree - (.Pas de propriétaire.) [HKLM] -- {BDD83DC9-BEE9-4654-A5DA-CC46C250088D}
O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA.) [HKLM] -- InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}
O42 - Logiciel: TOSHIBA Mot de passe responsable - (.TOSHIBA.) [HKLM] -- InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}
O42 - Logiciel: TOSHIBA Software Modem - (.Pas de propriétaire.) [HKLM] -- TOSHIBA Software Modem
O42 - Logiciel: Texas Instruments PCIxx21/x515 drivers. - (.Texas Instruments Inc..) [HKLM] -- InstallShield_{E18E644D-4FC1-4E7F-87B7-A0288A14A322}
O42 - Logiciel: Touch and Launch - (.Pas de propriétaire.) [HKLM] -- {5D96E2B1-D9AC-46E0-9073-425C5F63E338}
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707
O42 - Logiciel: Utilitaire Hotkey TOSHIBA - (.TOSHIBA.) [HKLM] -- InstallShield_{7900D3A6-A9E8-4954-ACCB-AB15867978BF}
O42 - Logiciel: Utilitaire TouchPad ON/OFF - (.TOSHIBA.) [HKLM] -- InstallShield_{80977342-27E8-4FF7-8B6A-D8D89461DA7F}
O42 - Logiciel: Utilitaire de zoom TOSHIBA - (.Pas de propriétaire.) [HKLM] -- {64212898-097F-4F3F-AECA-6D34A7EF82DF}
O42 - Logiciel: VLC media player 1.1.7 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Windows Imaging Component - (.Microsoft Corporation.) [HKLM] -- WIC
O42 - Logiciel: Windows Installer 3.1 (KB893803) - (.Microsoft Corporation.) [HKLM] -- KB893803v2
O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] -- ie7
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11
O42 - Logiciel: Yahoo! Software Update - (.Pas de propriétaire.) [HKLM] -- Yahoo! Software Update
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule

---\\ HKCU & HKLM Software Keys
[HKCU\Software\3rd Eye Solutions]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\Alps]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Aurigma]
[HKCU\Software\CDDB]
[HKCU\Software\Clarus]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Compal]
[HKCU\Software\DVDPlayr]
[HKCU\Software\FUJIFILM]
[HKCU\Software\FreeCall]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IADirectShow]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\InterActual Technologies]
[HKCU\Software\InterVideo]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MDO]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Marseillesoft]
[HKCU\Software\McAfee]
[HKCU\Software\Mindscape]
[HKCU\Software\Netscape]
[HKCU\Software\Novell]
[HKCU\Software\ODBC]
[HKCU\Software\OLYMPUS]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Opendisc]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Sonic]
[HKCU\Software\Sony Corporation]
[HKCU\Software\StumbleUpon]
[HKCU\Software\Symantec]
[HKCU\Software\TCtrlIOreg]
[HKCU\Software\TPS]
[HKCU\Software\Toshiba]
[HKCU\Software\Trolltech]
[HKCU\Software\Usbfix]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VirtualDub.org]
[HKCU\Software\VoipBuster]
[HKCU\Software\Yahoo]
[HKCU\Software\eMule]
[HKCU\Software\searchqutoolbar]
[HKLM\Software\781]
[HKLM\Software\ALPS]
[HKLM\Software\ATI Technologies Inc.]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\Agere]
[HKLM\Software\Ahead]
[HKLM\Software\America Online]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\BrowserChoice]
[HKLM\Software\C07ft5Y]
[HKLM\Software\COMPAL]
[HKLM\Software\Clarus]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Creative Tech]
[HKLM\Software\FUJI PHOTO FILM CO.,LTD.]
[HKLM\Software\FUJIFILM]
[HKLM\Software\Gemplus]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\InterActual Technologies]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\LG Electronics]
[HKLM\Software\LG PC Suite2]
[HKLM\Software\LGE]
[HKLM\Software\Lake]
[HKLM\Software\Lucent]
[HKLM\Software\Macromedia]
[HKLM\Software\Magnet]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\McAfee]
[HKLM\Software\MimarSinan]
[HKLM\Software\Mindscape]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Novell]
[HKLM\Software\ODBC]
[HKLM\Software\OLYMPUS]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Persits Software]
[HKLM\Software\Policies]
[HKLM\Software\Program Groups]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Schlumberger]
[HKLM\Software\Secure]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\Sonic]
[HKLM\Software\StumbleUpon]
[HKLM\Software\Sun Microsystems]
[HKLM\Software\Symantec]
[HKLM\Software\TOSHIBA]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows 3.1 Migration Status]
[HKLM\Software\Windows]
[HKLM\Software\Xing Technology Corp.]
[HKLM\Software\Yahoo]
[HKLM\Software\ZSMC]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/08/2011 - 13:37:24 - [53688705] ----D- C:\Program Files\Ad-Remover
O43 - CFD: 17/01/2011 - 13:00:30 - [482540080] ----D- C:\Program Files\Adibou,Je lis, je calcule 5-6
O43 - CFD: 14/04/2006 - 04:34:16 - [214595432] ----D- C:\Program Files\Adobe
O43 - CFD: 19/01/2011 - 20:25:38 - [46184950] ----D- C:\Program Files\adslTV
O43 - CFD: 14/05/2010 - 01:02:02 - [70271102] ----D- C:\Program Files\Ahead
O43 - CFD: 14/04/2006 - 04:34:20 - [3285555] ----D- C:\Program Files\Apoint2K
O43 - CFD: 15/02/2009 - 18:01:44 - [2221118] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 26/07/2006 - 20:06:04 - [16368080] ----D- C:\Program Files\ATI Technologies
O43 - CFD: 13/04/2009 - 09:40:38 - [392881] ----D- C:\Program Files\Bonjour
O43 - CFD: 12/05/2010 - 13:33:46 - [20836480] ----D- C:\Program Files\Clarus
O43 - CFD: 16/09/2005 - 08:35:16 - [0] ----D- C:\Program Files\ComPlus Applications
O43 - CFD: 26/09/2010 - 19:56:06 - [10083965053] ----D- C:\Program Files\eMule
O43 - CFD: 25/01/2010 - 01:23:50 - [323768080] ----D- C:\Program Files\Fichiers communs
O43 - CFD: 07/04/2007 - 23:54:52 - [48731075] ----D- C:\Program Files\FinePixViewer
O43 - CFD: 23/10/2006 - 22:41:46 - [85] ----D- C:\Program Files\Free
O43 - CFD: 15/08/2011 - 01:15:56 - [5043720] ----D- C:\Program Files\Google
O43 - CFD: 28/12/2009 - 15:12:14 - [5004687] ----D- C:\Program Files\HP
O43 - CFD: 17/01/2011 - 09:36:34 - [55199737] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 26/07/2006 - 20:06:12 - [8522535] ----D- C:\Program Files\Intel
O43 - CFD: 29/06/2009 - 11:24:52 - [7300064] ----D- C:\Program Files\InterActual
O43 - CFD: 13/06/2010 - 03:02:38 - [3279419] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 26/07/2006 - 20:09:14 - [122050460] ----D- C:\Program Files\InterVideo
O43 - CFD: 15/02/2009 - 19:44:04 - [1366063] ----D- C:\Program Files\iPod
O43 - CFD: 15/02/2009 - 19:44:34 - [88544477] ----D- C:\Program Files\iTunes
O43 - CFD: 21/07/2010 - 13:23:18 - [163185787] ----D- C:\Program Files\Java
O43 - CFD: 21/07/2010 - 13:24:42 - [16295712] ----D- C:\Program Files\JRE
O43 - CFD: 18/01/2011 - 11:44:22 - [507003694] ----D- C:\Program Files\LaserMedia
O43 - CFD: 11/10/2008 - 19:35:02 - [869731] ----D- C:\Program Files\LG Electronics
O43 - CFD: 11/10/2008 - 19:19:38 - [111892905] ----D- C:\Program Files\LG PC Suite 2
O43 - CFD: 15/08/2011 - 01:19:50 - [29238838] ----D- C:\Program Files\LimeWire
O43 - CFD: 14/04/2006 - 04:36:58 - [358606] ----D- C:\Program Files\ltmoh
O43 - CFD: 16/08/2011 - 18:32:28 - [6953653] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 26/04/2010 - 17:33:40 - [238241898] ----D- C:\Program Files\McAfee
O43 - CFD: 27/04/2010 - 18:27:42 - [2164969] ----D- C:\Program Files\McAfee.com
O43 - CFD: 19/08/2008 - 02:01:56 - [2146435] ----D- C:\Program Files\Messenger
O43 - CFD: 23/03/2010 - 23:09:46 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 28/07/2006 - 19:37:16 - [173218] ----D- C:\Program Files\microsoft frontpage
O43 - CFD: 28/07/2006 - 19:38:18 - [256669270] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 19/06/2011 - 11:15:52 - [38411899] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 28/07/2006 - 19:31:00 - [5897045] ----D- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 14/04/2006 - 04:38:28 - [149660739] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 14/04/2006 - 04:38:28 - [131072] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 17/01/2011 - 09:36:06 - [30924792] ----D- C:\Program Files\Mindscape
O43 - CFD: 10/03/2010 - 23:56:18 - [10371290] ----D- C:\Program Files\Movie Maker
O43 - CFD: 17/08/2011 - 00:05:04 - [34765482] ----D- C:\Program Files\Mozilla Firefox
O43 - CFD: 26/01/2010 - 23:54:14 - [25757] ----D- C:\Program Files\MSBuild
O43 - CFD: 15/05/2010 - 17:09:28 - [21471559] ----D- C:\Program Files\MSN
O43 - CFD: 14/04/2006 - 04:38:44 - [8745735] ----D- C:\Program Files\MSN Gaming Zone
O43 - CFD: 20/11/2006 - 21:22:32 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 26/01/2010 - 23:43:48 - [6849] ----D- C:\Program Files\MSXML 6.0
O43 - CFD: 14/04/2006 - 04:38:52 - [3285523] ----D- C:\Program Files\NetMeeting
O43 - CFD: 21/07/2010 - 13:20:34 - [0] ----D- C:\Program Files\Nouveau dossier
O43 - CFD: 26/08/2009 - 22:35:32 - [83707514] ----D- C:\Program Files\OLYMPUS
O43 - CFD: 18/03/2007 - 02:32:16 - [1804] ----D- C:\Program Files\Online Services
O43 - CFD: 21/07/2010 - 13:21:02 - [153791004] ----D- C:\Program Files\openoffice
O43 - CFD: 21/07/2010 - 13:24:38 - [386500888] ----D- C:\Program Files\OpenOffice.org 3
O43 - CFD: 13/05/2010 - 12:34:12 - [4380345] ----D- C:\Program Files\Outlook Express
O43 - CFD: 29/11/2009 - 15:48:56 - [9299768] ----D- C:\Program Files\PCFriendly
O43 - CFD: 15/02/2009 - 18:03:14 - [77199116] ----D- C:\Program Files\QuickTime
O43 - CFD: 06/11/2006 - 21:54:32 - [0] ----D- C:\Program Files\Real
O43 - CFD: 25/01/2010 - 15:23:08 - [43563540] ----D- C:\Program Files\Realtek AC97
O43 - CFD: 26/01/2010 - 23:53:58 - [36400897] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 07/04/2007 - 23:54:00 - [53248] ----D- C:\Program Files\REGSHAVE
O43 - CFD: 14/04/2006 - 04:39:28 - [1025] ----D- C:\Program Files\Services en ligne
O43 - CFD: 28/07/2006 - 19:38:04 - [138333] ----D- C:\Program Files\Snapshot Viewer
O43 - CFD: 14/04/2006 - 04:39:28 - [21423722] ----D- C:\Program Files\Sonic
O43 - CFD: 16/01/2010 - 21:12:48 - [1760128] ----D- C:\Program Files\StumbleUpon
O43 - CFD: 16/05/2010 - 17:49:54 - [68539828] ----D- C:\Program Files\Toshiba
O43 - CFD: 16/09/2005 - 08:57:32 - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 01/04/2007 - 11:53:48 - [115575075] ----D- C:\Program Files\VideoLAN
O43 - CFD: 09/06/2010 - 14:11:04 - [3581070] ----D- C:\Program Files\Windows Media Connect 2
O43 - CFD: 09/06/2010 - 14:28:48 - [9243362] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 18/03/2007 - 02:32:04 - [3940095] ----D- C:\Program Files\Windows NT
O43 - CFD: 16/09/2005 - 08:36:10 - [0] --H-D- C:\Program Files\WindowsUpdate
O43 - CFD: 14/04/2006 - 04:41:20 - [0] ----D- C:\Program Files\xerox
O43 - CFD: 16/08/2011 - 13:15:04 - [702162] ----D- C:\Program Files\Yahoo!
O43 - CFD: 17/08/2011 - 00:44:42 - [4007816] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 19/08/2008 - 15:38:44 - [1247504] ----D- C:\Program Files\Fichiers Communs\Adobe
O43 - CFD: 02/06/2009 - 21:55:44 - [31934636] ----D- C:\Program Files\Fichiers Communs\Adobe AIR
O43 - CFD: 15/02/2009 - 19:44:04 - [52621552] ----D- C:\Program Files\Fichiers Communs\Apple
O43 - CFD: 28/07/2006 - 19:30:58 - [86016] ----D- C:\Program Files\Fichiers Communs\Designer
O43 - CFD: 30/09/2008 - 19:32:42 - [155648] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard
O43 - CFD: 30/09/2008 - 19:33:22 - [1808896] ----D- C:\Program Files\Fichiers Communs\HP
O43 - CFD: 14/04/2006 - 04:34:22 - [10463386] ----D- C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD: 21/07/2010 - 13:23:54 - [30150114] ----D- C:\Program Files\Fichiers Communs\Java
O43 - CFD: 26/04/2010 - 17:32:56 - [29361826] ----D- C:\Program Files\Fichiers Communs\McAfee
O43 - CFD: 15/04/2011 - 08:36:34 - [147488133] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared
O43 - CFD: 14/04/2006 - 04:35:12 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap
O43 - CFD: 14/04/2006 - 04:35:12 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC
O43 - CFD: 25/01/2010 - 01:27:56 - [188043] ----D- C:\Program Files\Fichiers Communs\Real
O43 - CFD: 14/04/2006 - 04:35:12 - [8106] ----D- C:\Program Files\Fichiers Communs\Services
O43 - CFD: 14/04/2006 - 04:35:12 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines
O43 - CFD: 09/03/2007 - 20:21:32 - [0] ----D- C:\Program Files\Fichiers Communs\Symantec Shared
O43 - CFD: 13/06/2007 - 13:57:14 - [14182831] ----D- C:\Program Files\Fichiers Communs\System
O43 - CFD: 13/02/2010 - 23:10:04 - [48486973] ----D- C:\Documents and Settings\yamin\Application Data\Adobe
O43 - CFD: 19/08/2008 - 15:36:12 - [82] ----D- C:\Documents and Settings\yamin\Application Data\AdobeUM
O43 - CFD: 23/03/2008 - 01:06:12 - [630091] ----D- C:\Documents and Settings\yamin\Application Data\Apple Computer
O43 - CFD: 17/01/2011 - 21:23:30 - [18535] ----D- C:\Documents and Settings\yamin\Application Data\dvdcss
O43 - CFD: 26/10/2006 - 22:52:08 - [25458] ----D- C:\Documents and Settings\yamin\Application Data\FreeCall
O43 - CFD: 08/04/2007 - 00:02:54 - [297605] ----D- C:\Documents and Settings\yamin\Application Data\FUJIFILM
O43 - CFD: 19/02/2010 - 00:52:56 - [0] ----D- C:\Documents and Settings\yamin\Application Data\Google
O43 - CFD: 06/01/200

J espère que ca te va ...

https://pjjoint.malekal.com/files.php?id=20c9388608c9v12l11y5k11b13o11n13q14d8h13w15v6x510q15l6u6t12r12

j ai lancé malarebytes... pour une recherche complete ; par contre je viens juste de te lire, du coup, je n avais demandé au préalable un nettoyage par USB fix....

Ce n'est pas un problème, après Malwarebytes tu fais passer USBFix mode suppression!

Voici le rapport de malwarebytes.
Je lance la supression de fichier pourubsfix ...

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Version de la base de données: 7479

Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.11

16/08/2011 21:40:15
mbam-log-2011-08-16 (21-40-15).txt

Type d'examen: Examen complet (C:\|F:\|)
Elément(s) analysé(s): 305902
Temps écoulé: 3 heure(s), 0 minute(s), 18 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

je te poste aussi le rapport d'usbfix après suppression des fichiers ; encore une fois merci pour tout !

Le voila, j allais oublier ...

############################## | UsbFix 7.056 | [Suppression]

Utilisateur: yamin (Administrateur) # YOUR-AB6CD29F8E [ ]
Mis à jour le 15/08/2011 par El Desaparecido
Lancé à 23:39:12 | 16/08/2011
Site Web: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: TeamXscript.ElDesaparecido@gmail.com

CPU: Intel(R) Pentium(R) M processor 1.73GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 2
Internet Explorer 7.0.5730.11

Pare-feu Windows: Désactivé /!\
Antivirus: Protection antivirus et antispyware McAfee [Enabled | Updated]
Firewall: Pare-feu McAfee [Enabled]
RAM -> 1022 Mo
C:\ (%systemdrive%) -> Disque fixe # 74 Go (28 Go libre(s) - 37%) [] # NTFS
D:\ -> CD-ROM

################## | Éléments infectieux |

Supprimé! C:\Recycler\S-1-5-21-882499057-3658036667-3362748757-1006

################## | Registre |


################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{5e125359-4411-11dd-805b-00166f7a9979}
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{8168fff0-e553-11db-be73-00166f7a9979}

################## | Listing |

[16/08/2011 - 13:11:51 | N | 8942] C:\Ad-Report-CLEAN[1].txt
[16/08/2011 - 13:25:19 | N | 4387] C:\Ad-Report-CLEAN[2].txt
[15/08/2011 - 13:38:49 | N | 10291] C:\Ad-Report-SCAN[1].txt
[16/08/2011 - 13:50:04 | N | 1039] C:\AdwCleaner[R1].txt
[16/08/2011 - 13:41:47 | N | 1008] C:\AdwCleaner[S1].txt
[16/09/2005 - 08:37:55 | N | 0] C:\AUTOEXEC.BAT
[25/01/2009 - 16:31:21 | N | 216] C:\boot.ini
[05/08/2004 - 12:00:00 | N | 4952] C:\Bootfont.bin
[20/11/2006 - 21:22:34 | D ] C:\c3a6be80501f60b27bc332d0
[05/07/2011 - 11:45:05 | D ] C:\coktel
[15/08/2011 - 01:19:06 | D ] C:\Config.Msi
[16/09/2005 - 08:37:55 | N | 0] C:\CONFIG.SYS
[22/12/2010 - 19:28:55 | D ] C:\Documents and Settings
[27/02/2011 - 22:48:57 | N | 76] C:\DVDPATH.TXT
[16/08/2011 - 22:02:37 | ASH | 1072156672] C:\hiberfil.sys
[14/04/2006 - 04:31:47 | D ] C:\I386
[16/09/2005 - 08:37:55 | N | 0] C:\IO.SYS
[12/05/2010 - 13:32:49 | D ] C:\Log
[06/11/2006 - 21:41:16 | D ] C:\Mes téléchargements
[16/09/2005 - 08:37:55 | N | 0] C:\MSDOS.SYS
[14/04/2006 - 04:31:47 | RHD ] C:\MSOCache
[05/08/2004 - 12:00:00 | N | 47564] C:\NTDETECT.COM
[05/08/2004 - 12:00:00 | N | 251712] C:\ntldr
[29/02/2004 - 17:44:34 | N | 52576] C:\orange.bmp
[16/08/2011 - 22:02:35 | ASH | 1610612736] C:\pagefile.sys
[16/08/2011 - 16:00:48 | N | 512] C:\PhysicalDisk0_MBR.bin
[25/05/2008 - 13:54:46 | N | 104] C:\Poste de travail.lnk
[16/08/2011 - 18:32:08 | D ] C:\Program Files
[20/11/2006 - 22:57:19 | N | 439] C:\Raccourci vers Documents de mina.lnk
[16/08/2011 - 23:45:02 | SHD ] C:\RECYCLER
[08/12/2006 - 00:03:23 | D ] C:\SiteAdvisor
[08/11/2006 - 09:09:26 | N | 268] C:\sqmdata00.sqm
[09/11/2006 - 00:17:11 | N | 268] C:\sqmdata01.sqm
[10/11/2006 - 01:18:23 | N | 268] C:\sqmdata02.sqm
[10/11/2006 - 09:23:20 | N | 268] C:\sqmdata03.sqm
[11/11/2006 - 02:16:31 | N | 268] C:\sqmdata04.sqm
[12/11/2006 - 02:17:44 | N | 268] C:\sqmdata05.sqm
[20/02/2007 - 15:49:49 | N | 268] C:\sqmdata06.sqm
[10/03/2007 - 19:55:32 | N | 268] C:\sqmdata07.sqm
[08/11/2006 - 09:09:26 | N | 244] C:\sqmnoopt00.sqm
[09/11/2006 - 00:17:11 | N | 244] C:\sqmnoopt01.sqm
[10/11/2006 - 01:18:23 | N | 244] C:\sqmnoopt02.sqm
[10/11/2006 - 09:23:20 | N | 244] C:\sqmnoopt03.sqm
[11/11/2006 - 02:16:31 | N | 244] C:\sqmnoopt04.sqm
[12/11/2006 - 02:17:44 | N | 244] C:\sqmnoopt05.sqm
[20/02/2007 - 15:49:49 | N | 244] C:\sqmnoopt06.sqm
[10/03/2007 - 19:55:32 | N | 244] C:\sqmnoopt07.sqm
[18/11/2006 - 01:48:28 | N | 1257] C:\sti.log
[31/10/2005 - 17:56:00 | N | 700416] C:\StubInstaller.exe
[14/04/2006 - 04:41:18 | D ] C:\SUPPORT
[15/05/2010 - 18:04:09 | D ] C:\swsetup
[06/04/2006 - 22:03:50 | N | 290] C:\SWSTAMP.TXT
[26/07/2006 - 20:06:27 | SHD ] C:\System Volume Information
[26/07/2006 - 20:05:48 | D ] C:\TOOLSCD
[16/08/2011 - 23:45:18 | D ] C:\UsbFix
[16/08/2011 - 23:45:20 | A | 914] C:\UsbFix.txt
[14/04/2006 - 04:47:14 | D ] C:\VALUEADD
[16/08/2011 - 13:16:46 | D ] C:\WINDOWS
[16/08/2011 - 16:00:50 | D ] C:\ZHP

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (TeamXscript)

################## | Upload |

Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_YOUR-AB6CD29F8E.zip
http://www.teamxscript.org/Upload.php
Merci de votre contribution.

################## | E.O.F |

Bonjour,
pardonne moi ;
je t adresse le lien, normalement c est le bon rapport ...

http://pjjoint.malekal.com/files.php?id=eb0fd75f27r12q5q6o8e6x14t9k12x13b13z5c8r15l8n8b9g12g14n14i15

Bonjour,
pardonne moi ;
je t adresse le lien, normalement c est le bon rapport ...

http://pjjoint.malekal.com/files.php?id=eb0fd75f27r12q5q6o8e6x14t9k12x13b13z5c8r15l8n8b9g12g14n14i15
_______________________________________________________

voila le rapport.
ca e va ?


All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\Software\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}\ not found.
Registry key HKEY_CURRENT_USER\Software\searchqutoolbar\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: lilly
->Temp folder emptied: 19907681 bytes
->Temporary Internet Files folder emptied: 49957984 bytes
->Java cache emptied: 12118713 bytes
->Flash cache emptied: 601 bytes

User: LocalService
->Temp folder emptied: 115616 bytes
->Temporary Internet Files folder emptied: 10041144 bytes
->Flash cache emptied: 5277 bytes

User: mina
->Temp folder emptied: 52208290 bytes
->Temporary Internet Files folder emptied: 118272317 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 645 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 6389690 bytes

User: yamin
->Temp folder emptied: 104550908 bytes
->Temporary Internet Files folder emptied: 12605335 bytes
->Java cache emptied: 50621554 bytes
->FireFox cache emptied: 96161207 bytes
->Apple Safari cache emptied: 1030144 bytes
->Flash cache emptied: 80928 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 337408 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 649887257 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 64774558 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 191,00 mb


OTM by OldTimer - Version 3.1.18.0 log created on 08182011_135355

Files moved on Reboot...
C:\WINDOWS\temp\Perflib_Perfdata_7c.dat moved successfully.

Registry entries deleted on Reboot...

Bonjour fish 66,
je vais partir en vacances, et je n'ai pas eu le temps d'effectuer les manip... Dès mon retour, je m'y replonge.
A très bientôt et encore merci à toi !

Merci, j ai essayé, mais il me propose d acheter un service pour mon ordi...
J aurais préféré qq chse de gratuit ou une simple manip....
Pourquoi est ce si difficile de modifier ma page de démarrage ?
Pourquoi m impose t on un moteur de recherche ?
Je n'en reviens pas.

CA A MARCHE !
Merci beaucoup, je suis enfin débarrassé d 'ask !
si je peux aidé la communauté d'une quelconque façon ...
merci encore

Salut,
c'était presque bien ...je t adresse le lien, ci dessous :
https://pjjoint.malekal.com/files.php?id=75a34c048fr12r15g8v13x5v14z8t11t13v5p7i8s15z13f7v5j14r12d9t10